The Cyber Analytics (R)Evolution

By Sheldon Shaw, Cyber Analytics Lead, SAS Canada

Policy in a World of Data

We have always lived in a measurable world. But in the 21st century, what and how we measure the world has changed with the kinds of data we collected. In Canada’s public sector, the rise of big data has meant a new era of data-based decision making for policy-makers at all levels. From the economy, to labour, transit, healthcare, demographics and state security, data holds the key to smart policy decision.

The fact is, big data isn’t going away any time soon.

The fact is, big data isn’t going away any time soon. But data isn’t without danger. It seems every few months a large company announces that it has been hacked (Sony, eBay, Target).Public sector organizations are also increasingly at risk, with the US Justice Department’s claim of Chinese attacks making headlines. Canadian agencies aren’t safe either, with news of a Justice Canada phishing scam affecting 5,000 employees last summer. These are just some of the latest in a growing trend that illuminates a simple fact: as the world becomes more connected and we increasingly have access to all kinds of data, connectivity always comes at the cost of a possible breach.

The Traditional Approach: Put Up a Wall

Traditionally, data and network security has focused on firewalls, intrusion detection and intrusion prevention. The metaphor of a firewall essentially sums up this approach: focus on making sure no one gains access to the network by putting up a barrier. If no one can get into the network, there’s no issue.

Increasingly, however, security specialists are beginning to realize that putting up a barrier doesn’t always work. As fast as experts put up a firewall, savvy hackers find a way around it—or through it. Since the employees working behind a network firewall are human, there’s always going to be a level of human error to consider when approaching security solutions. This is exactly what criminal hackers exploit when they perform a phishing scam. The idea is simple: you reach out to someone via email, offering them a deal or pretending to be someone else, and if they open the email, a surreptitious code gives them access to the machine. Now the hacker has breached the firewall barrier by exploiting a simple human misunderstanding, a case of mistaken identity in which you opened an email you thought was from someone else. Once given access to the machine, which is on the network, the firewall is now useless.

While firewalls and barriers are helpful in the fight for cyber security, they can only be so effective. Luckily, the very data we put behind firewalls is proving to be the key to better security.

The Cyber Analytics (R)Evolution

It used to be that the more data you had, the larger the liability it was. Data was expensive to collect and it only became valuable when analyzed, which happened over a long period of time. Then, on top of everything else, you had to protect the data, often with nothing more than flimsy security software.

Today, with the explosion of advanced and high speed analytics technologies, the mountains of Big Data companies and governments are collecting every day can be analyzed in instantly. The analytics processes that used to take weeks or days, now take minutes or seconds, providing valuable insights in near real time. For public and private sector organizations, this has meant the ability to make an informed decision in the moment, using real time data.

It turns out the key to stopping hackers in their tracks is data – lots and lots of data. Public and private-sector organizations all over the world are starting to use something called Cyber Analytics to defend their systems.

They are taking internal and external information—from firewall data and behavioral profiles to cyber threat intelligence and fraud alerts—analyzing it in real time and an identifying anomalous patterns of activity that in the past would have gone undetected. What used to be a liability is now an asset, as data becomes the key to recognizing threats before they materialize and identifying clandestine activity before it becomes a breach. Now government organizations can spot potential hacks and prevent them from occurring.

The fact is, big data isn’t going away any time soon. Populations are growing, online activity is growing and organizational efficiencies in all sectors are being improved because of the volume of data being collected. The vision of a world in which data helps improve everything from urban infrastructure to healthcare delivery in rural communities is no longer the talk of techno revolutionaries or Futurist dreamers. We are currently on the brink of the Internet of Things that will bring new ways to view and measure all aspects of a state on the micro and macro levels, helping policy-makers make decisions with a level of accuracy never dreamed of in the past. But while policy moves to catch up with the unprecedented opportunities for data collection and analyses that the Internet of Things will bring, security cannot lag behind. Cyber analytics will be the only true way to ensure Canadian government agencies, at all levels, can remain secure in a connected world.

About the Author

Sheldon Shaw held a variety of executive and operational positions in the Government of Canada. During his time in the Government of Canada he was faced with several policy issues surrounding data and security. Since his departure from Government he has recognized that the strains and challenges faced by Public Sector Executives have increased – not only from the design of policy but also in measuring policy that relates to Data. Mr. Shaw holds a degree from Acadia University in English and Political Science and is currently working on cyber issues for SAS – a world leader in analytics.